<?php
	include "connection_functions.php";
	db_connect();
	session_start();
	$bike_id=$_POST['id'];
	$price=$_POST['total_price'];
	$date_from=$_POST['date_from'];
	$date_to=$_POST['date_to'];
	$order_num=$_POST['order_num'];
	$username=$_SESSION['username'];

$order_num=mysql_real_escape_string($order_num);
$username=mysql_real_escape_string($username);
$bike_id=mysql_real_escape_string($bike_id);
$date_from=mysql_real_escape_string($date_from);
$date_to=mysql_real_escape_string($date_to);
$price=mysql_real_escape_string($price);

mysql_query("INSERT INTO orders (id, username, bike_id, date_from, date_to, total_price) 
VALUES ('$order_num', '$username', '$bike_id', '$date_from', '$date_to', '$price')") or die(mysql_error());

$date_from=mysql_real_escape_string($date_from);
$date_to=mysql_real_escape_string($date_to);
$bike_id=mysql_real_escape_string($bike_id);

mysql_query("UPDATE bike SET date_from='$date_from', date_to='$date_to' WHERE id='$bike_id'");

echo "<h1>Order Completed</h1>";
?>

<meta HTTP-EQUIV="REFRESH" content="4; url=home.php"> </meta>
